From 2f27a3874ddb06a9ffba423417b6df4848b3ab27 Mon Sep 17 00:00:00 2001 From: Maximilien McDermott Date: Sat, 18 Nov 2023 10:47:40 -0600 Subject: [PATCH 1/8] Smtp documentation update (#472) * Clarifies fromAddress documentation Documentation IssueNumber: 236 Signed-off-by: Veymax * Bumps version number per contributing guidelines Signed-off-by: Veymax * Update charts/nextcloud/Chart.yaml - don't bump chart Signed-off-by: JesseBot --------- Signed-off-by: Veymax Signed-off-by: JesseBot Co-authored-by: JesseBot --- charts/nextcloud/README.md | 232 ++++++++++++++++++------------------- 1 file changed, 116 insertions(+), 116 deletions(-) diff --git a/charts/nextcloud/README.md b/charts/nextcloud/README.md index 4dfdb9cc..51c80648 100644 --- a/charts/nextcloud/README.md +++ b/charts/nextcloud/README.md @@ -80,122 +80,122 @@ The command removes all the Kubernetes components associated with the chart and The following table lists the configurable parameters of the nextcloud chart and their default values. -| Parameter | Description | Default | -|------------------------------------------------------------|----------------------------------------------------------------------------------------------|----------------------------| -| `image.repository` | nextcloud Image name | `nextcloud` | -| `image.flavor` | nextcloud Image type (Options: apache, fpm) | `apache` | -| `image.tag` | nextcloud Image tag | `appVersion` | -| `image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify image pull secrets | `nil` | -| `replicaCount` | Number of nextcloud pods to deploy | `1` | -| `ingress.className` | Name of the ingress class to use | `nil` | -| `ingress.enabled` | Enable use of ingress controllers | `false` | -| `ingress.servicePort` | Ingress' backend servicePort | `http` | -| `ingress.annotations` | An array of service annotations | `nil` | -| `ingress.labels` | An array of service labels | `nil` | -| `ingress.path` | The `Path` to use in Ingress' `paths` | `/` | -| `ingress.pathType` | The `PathType` to use in Ingress' `paths` | `Prefix` | -| `ingress.tls` | Ingress TLS configuration | `[]` | -| `nextcloud.host` | nextcloud host to create application URLs, updates trusted_domains at installation time only | `nextcloud.kube.home` | -| `nextcloud.username` | User of the application | `admin` | -| `nextcloud.password` | Application password | `changeme` | -| `nextcloud.existingSecret.enabled` | Whether to use an existing secret or not | `false` | -| `nextcloud.existingSecret.secretName` | Name of the existing secret | `nil` | -| `nextcloud.existingSecret.usernameKey` | Name of the key that contains the username | `nil` | -| `nextcloud.existingSecret.passwordKey` | Name of the key that contains the password | `nil` | -| `nextcloud.existingSecret.smtpUsernameKey` | Name of the key that contains the SMTP username | `nil` | -| `nextcloud.existingSecret.smtpPasswordKey` | Name of the key that contains the SMTP password | `nil` | -| `nextcloud.existingSecret.smtpHostKey` | Name of the key that contains the SMTP hostname | `nil` | -| `nextcloud.update` | Trigger update if custom command is used | `0` | -| `nextcloud.containerPort` | Customize container port when not running as root | `80` | -| `nextcloud.datadir` | nextcloud data dir location | `/var/www/html/data` | -| `nextcloud.mail.enabled` | Whether to enable/disable email settings | `false` | -| `nextcloud.mail.fromAddress` | nextcloud mail send from field | `nil` | -| `nextcloud.mail.domain` | nextcloud mail domain | `nil` | -| `nextcloud.mail.smtp.host` | SMTP hostname | `nil` | -| `nextcloud.mail.smtp.secure` | SMTP connection `ssl` or empty | `''` | -| `nextcloud.mail.smtp.port` | Optional SMTP port | `nil` | -| `nextcloud.mail.smtp.authtype` | SMTP authentication method | `LOGIN` | -| `nextcloud.mail.smtp.name` | SMTP username | `''` | -| `nextcloud.mail.smtp.password` | SMTP password | `''` | -| `nextcloud.configs` | Config files created in `/var/www/html/config` | `{}` | -| `nextcloud.persistence.subPath` | Set the subPath for nextcloud to use in volume | `nil` | -| `nextcloud.phpConfigs` | PHP Config files created in `/usr/local/etc/php/conf.d` | `{}` | -| `nextcloud.defaultConfigs.\.htaccess` | Default .htaccess to protect `/var/www/html/config` | `true` | -| `nextcloud.defaultConfigs.redis\.config\.php` | Default Redis configuration | `true` | -| `nextcloud.defaultConfigs.apache-pretty-urls\.config\.php` | Default Apache configuration for rewrite urls | `true` | -| `nextcloud.defaultConfigs.apcu\.config\.php` | Default configuration to define APCu as local cache | `true` | -| `nextcloud.defaultConfigs.apps\.config\.php` | Default configuration for apps | `true` | -| `nextcloud.defaultConfigs.autoconfig\.php` | Default auto-configuration for databases | `true` | -| `nextcloud.defaultConfigs.smtp\.config\.php` | Default configuration for smtp | `true` | -| `nextcloud.strategy` | specifies the strategy used to replace old Pods by new ones | `type: Recreate` | -| `nextcloud.extraEnv` | specify additional environment variables | `{}` | -| `nextcloud.extraSidecarContainers` | specify additional sidecar containers | `[]` | -| `nextcloud.extraInitContainers` | specify additional init containers | `[]` | -| `nextcloud.extraVolumes` | specify additional volumes for the NextCloud pod | `{}` | -| `nextcloud.extraVolumeMounts` | specify additional volume mounts for the NextCloud pod | `{}` | -| `nextcloud.securityContext` | Optional security context for the NextCloud container | `nil` | -| `nextcloud.podSecurityContext` | Optional security context for the NextCloud pod (applies to all containers in the pod) | `nil` | -| `nginx.enabled` | Enable nginx (requires you use php-fpm image) | `false` | -| `nginx.image.repository` | nginx Image name, e.g. use `nginxinc/nginx-unprivileged` for rootless container | `nginx` | -| `nginx.image.tag` | nginx Image tag | `alpine` | -| `nginx.image.pullPolicy` | nginx Image pull policy | `IfNotPresent` | -| `nginx.image.pullPolicy` | nginx Image pull policy | `IfNotPresent` | -| `nginx.containerPort` | Customize container port e.g. when not running as root | `IfNotPresent` | -| `nginx.config.default` | Whether to use nextcloud's recommended nginx config | `true` | -| `nginx.config.custom` | Specify a custom config for nginx | `{}` | -| `nginx.resources` | nginx resources | `{}` | -| `nginx.securityContext` | Optional security context for the nginx container | `nil` | -| `lifecycle.postStartCommand` | Specify deployment lifecycle hook postStartCommand | `nil` | -| `lifecycle.preStopCommand` | Specify deployment lifecycle hook preStopCommand | `nil` | -| `redis.enabled` | Whether to install/use redis for locking | `false` | -| `redis.auth.enabled` | Whether to enable password authentication with redis | `true` | -| `redis.auth.password` | The password redis uses | `''` | -| `redis.auth.existingSecret` | The name of an existing secret with RedisĀ® credentials | `''` | -| `redis.auth.existingSecretPasswordKey` | Password key to be retrieved from existing secret | `''` | -| `cronjob.enabled` | Whether to enable/disable cron jobs sidecar | `false` | -| `cronjob.lifecycle.postStartCommand` | Specify deployment lifecycle hook postStartCommand for the cron jobs sidecar | `nil` | -| `cronjob.lifecycle.preStopCommand` | Specify deployment lifecycle hook preStopCommand for the cron jobs sidecar | `nil` | -| `cronjob.resources` | CPU/Memory resource requests/limits for the cron jobs sidecar | `{}` | -| `cronjob.securityContext` | Optional security context for cron jobs sidecar | `nil` | -| `service.type` | Kubernetes Service type | `ClusterIP` | -| `service.loadBalancerIP` | LoadBalancerIp for service type LoadBalancer | `""` | -| `service.nodePort` | NodePort for service type NodePort | `nil` | -| `service.ipFamilies` | Set ipFamilies as in k8s service objects | `nil` | -| `service.ipFamyPolicy` | define IP protocol bindings as in k8s service objects | `nil` | -| `phpClientHttpsFix.enabled` | Sets OVERWRITEPROTOCOL for https ingress redirect | `false` | -| `phpClientHttpsFix.protocol` | Sets OVERWRITEPROTOCOL for https ingress redirect | `https` | -| `resources` | CPU/Memory resource requests/limits | `{}` | -| `rbac.enabled` | Enable Role and rolebinding for priveledged PSP | `false` | -| `rbac.serviceaccount.create` | Wether to create a serviceaccount or use an existing one (requires rbac) | `true` | -| `rbac.serviceaccount.name` | The name of the sevice account that the deployment will use (requires rbac) | `nextcloud-serviceaccount` | -| `rbac.serviceaccount.annotations` | Serviceaccount annotations | `{}` | -| `livenessProbe.enabled` | Turn on and off liveness probe | `true` | -| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `10` | -| `livenessProbe.periodSeconds` | How often to perform the probe | `10` | -| `livenessProbe.timeoutSeconds` | When the probe times out | `5` | -| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `3` | -| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `readinessProbe.enabled` | Turn on and off readiness probe | `true` | -| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `10` | -| `readinessProbe.periodSeconds` | How often to perform the probe | `10` | -| `readinessProbe.timeoutSeconds` | When the probe times out | `5` | -| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `3` | -| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `startupProbe.enabled` | Turn on and off startup probe | `false` | -| `startupProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` | -| `startupProbe.periodSeconds` | How often to perform the probe | `10` | -| `startupProbe.timeoutSeconds` | When the probe times out | `5` | -| `startupProbe.failureThreshold` | Minimum consecutive failures for the probe | `30` | -| `startupProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | -| `hpa.enabled` | Boolean to create a HorizontalPodAutoscaler | `false` | -| `hpa.cputhreshold` | CPU threshold percent for the HorizontalPodAutoscale | `60` | -| `hpa.minPods` | Min. pods for the Nextcloud HorizontalPodAutoscaler | `1` | -| `hpa.maxPods` | Max. pods for the Nextcloud HorizontalPodAutoscaler | `10` | -| `deploymentLabels` | Labels to be added at 'deployment' level | not set | -| `deploymentAnnotations` | Annotations to be added at 'deployment' level | not set | -| `podLabels` | Labels to be added at 'pod' level | not set | -| `podAnnotations` | Annotations to be added at 'pod' level | not set | +| Parameter | Description | Default | +|------------------------------------------------------------|-----------------------------------------------------------------------------------------------------|----------------------------| +| `image.repository` | nextcloud Image name | `nextcloud` | +| `image.flavor` | nextcloud Image type (Options: apache, fpm) | `apache` | +| `image.tag` | nextcloud Image tag | `appVersion` | +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify image pull secrets | `nil` | +| `replicaCount` | Number of nextcloud pods to deploy | `1` | +| `ingress.className` | Name of the ingress class to use | `nil` | +| `ingress.enabled` | Enable use of ingress controllers | `false` | +| `ingress.servicePort` | Ingress' backend servicePort | `http` | +| `ingress.annotations` | An array of service annotations | `nil` | +| `ingress.labels` | An array of service labels | `nil` | +| `ingress.path` | The `Path` to use in Ingress' `paths` | `/` | +| `ingress.pathType` | The `PathType` to use in Ingress' `paths` | `Prefix` | +| `ingress.tls` | Ingress TLS configuration | `[]` | +| `nextcloud.host` | nextcloud host to create application URLs, updates trusted_domains at installation time only | `nextcloud.kube.home` | +| `nextcloud.username` | User of the application | `admin` | +| `nextcloud.password` | Application password | `changeme` | +| `nextcloud.existingSecret.enabled` | Whether to use an existing secret or not | `false` | +| `nextcloud.existingSecret.secretName` | Name of the existing secret | `nil` | +| `nextcloud.existingSecret.usernameKey` | Name of the key that contains the username | `nil` | +| `nextcloud.existingSecret.passwordKey` | Name of the key that contains the password | `nil` | +| `nextcloud.existingSecret.smtpUsernameKey` | Name of the key that contains the SMTP username | `nil` | +| `nextcloud.existingSecret.smtpPasswordKey` | Name of the key that contains the SMTP password | `nil` | +| `nextcloud.existingSecret.smtpHostKey` | Name of the key that contains the SMTP hostname | `nil` | +| `nextcloud.update` | Trigger update if custom command is used | `0` | +| `nextcloud.containerPort` | Customize container port when not running as root | `80` | +| `nextcloud.datadir` | nextcloud data dir location | `/var/www/html/data` | +| `nextcloud.mail.enabled` | Whether to enable/disable email settings | `false` | +| `nextcloud.mail.fromAddress` | nextcloud mail send from field | `nil` | +| `nextcloud.mail.domain` | nextcloud mail domain | `nil` | +| `nextcloud.mail.smtp.host` | SMTP hostname | `nil` | +| `nextcloud.mail.smtp.secure` | SMTP connection `ssl` or empty | `''` | +| `nextcloud.mail.smtp.port` | Optional SMTP port | `nil` | +| `nextcloud.mail.smtp.authtype` | SMTP authentication method | `LOGIN` | +| `nextcloud.mail.smtp.name` | SMTP username, ONLY the part before the domain name. i.e. 'postmaster' NOT 'postmaster@example.com' | `''` | +| `nextcloud.mail.smtp.password` | SMTP password | `''` | +| `nextcloud.configs` | Config files created in `/var/www/html/config` | `{}` | +| `nextcloud.persistence.subPath` | Set the subPath for nextcloud to use in volume | `nil` | +| `nextcloud.phpConfigs` | PHP Config files created in `/usr/local/etc/php/conf.d` | `{}` | +| `nextcloud.defaultConfigs.\.htaccess` | Default .htaccess to protect `/var/www/html/config` | `true` | +| `nextcloud.defaultConfigs.redis\.config\.php` | Default Redis configuration | `true` | +| `nextcloud.defaultConfigs.apache-pretty-urls\.config\.php` | Default Apache configuration for rewrite urls | `true` | +| `nextcloud.defaultConfigs.apcu\.config\.php` | Default configuration to define APCu as local cache | `true` | +| `nextcloud.defaultConfigs.apps\.config\.php` | Default configuration for apps | `true` | +| `nextcloud.defaultConfigs.autoconfig\.php` | Default auto-configuration for databases | `true` | +| `nextcloud.defaultConfigs.smtp\.config\.php` | Default configuration for smtp | `true` | +| `nextcloud.strategy` | specifies the strategy used to replace old Pods by new ones | `type: Recreate` | +| `nextcloud.extraEnv` | specify additional environment variables | `{}` | +| `nextcloud.extraSidecarContainers` | specify additional sidecar containers | `[]` | +| `nextcloud.extraInitContainers` | specify additional init containers | `[]` | +| `nextcloud.extraVolumes` | specify additional volumes for the NextCloud pod | `{}` | +| `nextcloud.extraVolumeMounts` | specify additional volume mounts for the NextCloud pod | `{}` | +| `nextcloud.securityContext` | Optional security context for the NextCloud container | `nil` | +| `nextcloud.podSecurityContext` | Optional security context for the NextCloud pod (applies to all containers in the pod) | `nil` | +| `nginx.enabled` | Enable nginx (requires you use php-fpm image) | `false` | +| `nginx.image.repository` | nginx Image name, e.g. use `nginxinc/nginx-unprivileged` for rootless container | `nginx` | +| `nginx.image.tag` | nginx Image tag | `alpine` | +| `nginx.image.pullPolicy` | nginx Image pull policy | `IfNotPresent` | +| `nginx.image.pullPolicy` | nginx Image pull policy | `IfNotPresent` | +| `nginx.containerPort` | Customize container port e.g. when not running as root | `IfNotPresent` | +| `nginx.config.default` | Whether to use nextcloud's recommended nginx config | `true` | +| `nginx.config.custom` | Specify a custom config for nginx | `{}` | +| `nginx.resources` | nginx resources | `{}` | +| `nginx.securityContext` | Optional security context for the nginx container | `nil` | +| `lifecycle.postStartCommand` | Specify deployment lifecycle hook postStartCommand | `nil` | +| `lifecycle.preStopCommand` | Specify deployment lifecycle hook preStopCommand | `nil` | +| `redis.enabled` | Whether to install/use redis for locking | `false` | +| `redis.auth.enabled` | Whether to enable password authentication with redis | `true` | +| `redis.auth.password` | The password redis uses | `''` | +| `redis.auth.existingSecret` | The name of an existing secret with RedisĀ® credentials | `''` | +| `redis.auth.existingSecretPasswordKey` | Password key to be retrieved from existing secret | `''` | +| `cronjob.enabled` | Whether to enable/disable cron jobs sidecar | `false` | +| `cronjob.lifecycle.postStartCommand` | Specify deployment lifecycle hook postStartCommand for the cron jobs sidecar | `nil` | +| `cronjob.lifecycle.preStopCommand` | Specify deployment lifecycle hook preStopCommand for the cron jobs sidecar | `nil` | +| `cronjob.resources` | CPU/Memory resource requests/limits for the cron jobs sidecar | `{}` | +| `cronjob.securityContext` | Optional security context for cron jobs sidecar | `nil` | +| `service.type` | Kubernetes Service type | `ClusterIP` | +| `service.loadBalancerIP` | LoadBalancerIp for service type LoadBalancer | `""` | +| `service.nodePort` | NodePort for service type NodePort | `nil` | +| `service.ipFamilies` | Set ipFamilies as in k8s service objects | `nil` | +| `service.ipFamyPolicy` | define IP protocol bindings as in k8s service objects | `nil` | +| `phpClientHttpsFix.enabled` | Sets OVERWRITEPROTOCOL for https ingress redirect | `false` | +| `phpClientHttpsFix.protocol` | Sets OVERWRITEPROTOCOL for https ingress redirect | `https` | +| `resources` | CPU/Memory resource requests/limits | `{}` | +| `rbac.enabled` | Enable Role and rolebinding for priveledged PSP | `false` | +| `rbac.serviceaccount.create` | Wether to create a serviceaccount or use an existing one (requires rbac) | `true` | +| `rbac.serviceaccount.name` | The name of the sevice account that the deployment will use (requires rbac) | `nextcloud-serviceaccount` | +| `rbac.serviceaccount.annotations` | Serviceaccount annotations | `{}` | +| `livenessProbe.enabled` | Turn on and off liveness probe | `true` | +| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `10` | +| `livenessProbe.periodSeconds` | How often to perform the probe | `10` | +| `livenessProbe.timeoutSeconds` | When the probe times out | `5` | +| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `3` | +| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `readinessProbe.enabled` | Turn on and off readiness probe | `true` | +| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `10` | +| `readinessProbe.periodSeconds` | How often to perform the probe | `10` | +| `readinessProbe.timeoutSeconds` | When the probe times out | `5` | +| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `3` | +| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `startupProbe.enabled` | Turn on and off startup probe | `false` | +| `startupProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` | +| `startupProbe.periodSeconds` | How often to perform the probe | `10` | +| `startupProbe.timeoutSeconds` | When the probe times out | `5` | +| `startupProbe.failureThreshold` | Minimum consecutive failures for the probe | `30` | +| `startupProbe.successThreshold` | Minimum consecutive successes for the probe | `1` | +| `hpa.enabled` | Boolean to create a HorizontalPodAutoscaler | `false` | +| `hpa.cputhreshold` | CPU threshold percent for the HorizontalPodAutoscale | `60` | +| `hpa.minPods` | Min. pods for the Nextcloud HorizontalPodAutoscaler | `1` | +| `hpa.maxPods` | Max. pods for the Nextcloud HorizontalPodAutoscaler | `10` | +| `deploymentLabels` | Labels to be added at 'deployment' level | not set | +| `deploymentAnnotations` | Annotations to be added at 'deployment' level | not set | +| `podLabels` | Labels to be added at 'pod' level | not set | +| `podAnnotations` | Annotations to be added at 'pod' level | not set | ### Database Configurations From a303a5f5a1a35f23f9d519ff14a59b46fc0cbcb9 Mon Sep 17 00:00:00 2001 From: WrenIX <133280015+wrenix@users.noreply.github.com> Date: Sat, 18 Nov 2023 19:34:28 +0100 Subject: [PATCH 2/8] chore: lint all templates to fix indentation and update style (#465) * chore: cleanup deployment.yaml Signed-off-by: WrenIX * chore: cleanup config.yaml Signed-off-by: WrenIX * chore: cleanup db-secret.yaml Signed-off-by: WrenIX * chore: revert db-secret.yaml stringData Signed-off-by: WrenIX * chore: cleanup _helper.yaml for database Signed-off-by: WrenIX * chore: cleanup nextcloud-key to default Signed-off-by: WrenIX * chore: put know string into printf Signed-off-by: WrenIX * fix: dump version after several cleanups Signed-off-by: WrenIX * chore: fix end after cleanup Signed-off-by: WrenIX <133280015+wrenix@users.noreply.github.com> * chore: add some comments for helm-end Signed-off-by: WrenIX <133280015+wrenix@users.noreply.github.com> * chore: remove spaces inside of golang template Co-authored-by: Kate <26026535+provokateurin@users.noreply.github.com> Signed-off-by: WrenIX <133280015+wrenix@users.noreply.github.com> --------- Signed-off-by: WrenIX Signed-off-by: WrenIX <133280015+wrenix@users.noreply.github.com> Co-authored-by: Kate <26026535+provokateurin@users.noreply.github.com> --- charts/nextcloud/Chart.yaml | 2 +- charts/nextcloud/templates/_helpers.tpl | 68 +- charts/nextcloud/templates/config.yaml | 44 +- charts/nextcloud/templates/db-secret.yaml | 14 +- charts/nextcloud/templates/deployment.yaml | 597 +++++++++--------- .../templates/metrics-deployment.yaml | 6 +- charts/nextcloud/values.yaml | 18 +- 7 files changed, 376 insertions(+), 373 deletions(-) diff --git a/charts/nextcloud/Chart.yaml b/charts/nextcloud/Chart.yaml index ebae207d..0a55845f 100644 --- a/charts/nextcloud/Chart.yaml +++ b/charts/nextcloud/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: nextcloud -version: 4.5.0 +version: 4.5.1 appVersion: 27.1.3 description: A file sharing server that puts the control and security of your own data back into your hands. keywords: diff --git a/charts/nextcloud/templates/_helpers.tpl b/charts/nextcloud/templates/_helpers.tpl index e0d899d8..d250589c 100644 --- a/charts/nextcloud/templates/_helpers.tpl +++ b/charts/nextcloud/templates/_helpers.tpl @@ -28,7 +28,7 @@ Create a default fully qualified redis app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). */}} {{- define "nextcloud.redis.fullname" -}} -{{- printf "%s-%s" .Release.Name "redis" | trunc 63 | trimSuffix "-" -}} +{{- printf "%s-redis" .Release.Name | trunc 63 | trimSuffix "-" -}} {{- end -}} {{/* @@ -80,13 +80,13 @@ Create environment variables used to configure the nextcloud container as well a - name: MYSQL_USER valueFrom: secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} - key: {{ .Values.externalDatabase.existingSecret.usernameKey | default "db-username" }} + name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }} + key: {{ .Values.externalDatabase.existingSecret.usernameKey }} - name: MYSQL_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} - key: {{ .Values.externalDatabase.existingSecret.passwordKey | default "db-password" }} + name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }} + key: {{ .Values.externalDatabase.existingSecret.passwordKey }} {{- else if .Values.postgresql.enabled }} - name: POSTGRES_HOST value: {{ template "postgresql.v1.primary.fullname" .Subcharts.postgresql }} @@ -99,20 +99,20 @@ Create environment variables used to configure the nextcloud container as well a - name: POSTGRES_USER valueFrom: secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} - key: {{ .Values.externalDatabase.existingSecret.usernameKey | default "db-username" }} + name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }} + key: {{ .Values.externalDatabase.existingSecret.usernameKey }} - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} - key: {{ .Values.externalDatabase.existingSecret.passwordKey | default "db-password" }} + name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }} + key: {{ .Values.externalDatabase.existingSecret.passwordKey }} {{- else }} {{- if eq .Values.externalDatabase.type "postgresql" }} - name: POSTGRES_HOST {{- if .Values.externalDatabase.existingSecret.hostKey }} valueFrom: secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} + name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }} key: {{ .Values.externalDatabase.existingSecret.hostKey }} {{- else }} value: {{ .Values.externalDatabase.host | quote }} @@ -121,7 +121,7 @@ Create environment variables used to configure the nextcloud container as well a {{- if .Values.externalDatabase.existingSecret.databaseKey }} valueFrom: secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} + name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }} key: {{ .Values.externalDatabase.existingSecret.databaseKey }} {{- else }} value: {{ .Values.externalDatabase.database | quote }} @@ -129,19 +129,19 @@ Create environment variables used to configure the nextcloud container as well a - name: POSTGRES_USER valueFrom: secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} - key: {{ .Values.externalDatabase.existingSecret.usernameKey | default "db-username" }} + name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }} + key: {{ .Values.externalDatabase.existingSecret.usernameKey }} - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} - key: {{ .Values.externalDatabase.existingSecret.passwordKey | default "db-password" }} + name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }} + key: {{ .Values.externalDatabase.existingSecret.passwordKey }} {{- else }} - name: MYSQL_HOST {{- if .Values.externalDatabase.existingSecret.hostKey }} valueFrom: secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} + name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }} key: {{ .Values.externalDatabase.existingSecret.hostKey }} {{- else }} value: {{ .Values.externalDatabase.host | quote }} @@ -150,7 +150,7 @@ Create environment variables used to configure the nextcloud container as well a {{- if .Values.externalDatabase.existingSecret.databaseKey }} valueFrom: secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} + name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }} key: {{ .Values.externalDatabase.existingSecret.databaseKey }} {{- else }} value: {{ .Values.externalDatabase.database | quote }} @@ -158,25 +158,25 @@ Create environment variables used to configure the nextcloud container as well a - name: MYSQL_USER valueFrom: secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} - key: {{ .Values.externalDatabase.existingSecret.usernameKey | default "db-username" }} + name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }} + key: {{ .Values.externalDatabase.existingSecret.usernameKey }} - name: MYSQL_PASSWORD valueFrom: secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} - key: {{ .Values.externalDatabase.existingSecret.passwordKey | default "db-password" }} + name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }} + key: {{ .Values.externalDatabase.existingSecret.passwordKey }} {{- end }} {{- end }} - name: NEXTCLOUD_ADMIN_USER valueFrom: secretKeyRef: name: {{ .Values.nextcloud.existingSecret.secretName | default (include "nextcloud.fullname" .) }} - key: {{ .Values.nextcloud.existingSecret.usernameKey | default "nextcloud-username" }} + key: {{ .Values.nextcloud.existingSecret.usernameKey }} - name: NEXTCLOUD_ADMIN_PASSWORD valueFrom: secretKeyRef: name: {{ .Values.nextcloud.existingSecret.secretName | default (include "nextcloud.fullname" .) }} - key: {{ .Values.nextcloud.existingSecret.passwordKey | default "nextcloud-password" }} + key: {{ .Values.nextcloud.existingSecret.passwordKey }} - name: NEXTCLOUD_TRUSTED_DOMAINS value: {{ .Values.nextcloud.host }} {{- if ne (int .Values.nextcloud.update) 0 }} @@ -200,17 +200,17 @@ Create environment variables used to configure the nextcloud container as well a valueFrom: secretKeyRef: name: {{ .Values.nextcloud.existingSecret.secretName | default (include "nextcloud.fullname" .) }} - key: {{ .Values.nextcloud.existingSecret.smtpHostKey | default "smtp-host" }} + key: {{ .Values.nextcloud.existingSecret.smtpHostKey }} - name: SMTP_NAME valueFrom: secretKeyRef: name: {{ .Values.nextcloud.existingSecret.secretName | default (include "nextcloud.fullname" .) }} - key: {{ .Values.nextcloud.existingSecret.smtpUsernameKey | default "smtp-username" }} + key: {{ .Values.nextcloud.existingSecret.smtpUsernameKey }} - name: SMTP_PASSWORD valueFrom: secretKeyRef: name: {{ .Values.nextcloud.existingSecret.secretName | default (include "nextcloud.fullname" .) }} - key: {{ .Values.nextcloud.existingSecret.smtpPasswordKey | default "smtp-password" }} + key: {{ .Values.nextcloud.existingSecret.smtpPasswordKey }} {{- end }} {{- if .Values.redis.enabled }} - name: REDIS_HOST @@ -242,31 +242,31 @@ Create volume mounts for the nextcloud container as well as the cron sidecar con {{- define "nextcloud.volumeMounts" -}} - name: nextcloud-main mountPath: /var/www/ - subPath: {{ ternary "root" (printf "%s/%s" .Values.nextcloud.persistence.subPath "root") (empty .Values.nextcloud.persistence.subPath) }} + subPath: {{ ternary "root" (printf "%s/root" .Values.nextcloud.persistence.subPath) (empty .Values.nextcloud.persistence.subPath) }} - name: nextcloud-main mountPath: /var/www/html - subPath: {{ ternary "html" (printf "%s/%s" .Values.nextcloud.persistence.subPath "html") (empty .Values.nextcloud.persistence.subPath) }} + subPath: {{ ternary "html" (printf "%s/html" .Values.nextcloud.persistence.subPath) (empty .Values.nextcloud.persistence.subPath) }} {{- if and .Values.persistence.nextcloudData.enabled .Values.persistence.enabled }} - name: nextcloud-data mountPath: {{ .Values.nextcloud.datadir }} - subPath: {{ ternary "data" (printf "%s/%s" .Values.persistence.nextcloudData.subPath "data") (empty .Values.persistence.nextcloudData.subPath) }} + subPath: {{ ternary "data" (printf "%s/data" .Values.persistence.nextcloudData.subPath) (empty .Values.persistence.nextcloudData.subPath) }} {{- else }} - name: nextcloud-main mountPath: {{ .Values.nextcloud.datadir }} - subPath: {{ ternary "data" (printf "%s/%s" .Values.persistence.subPath "data") (empty .Values.persistence.subPath) }} + subPath: {{ ternary "data" (printf "%s/data" .Values.persistence.subPath) (empty .Values.persistence.subPath) }} {{- end }} - name: nextcloud-main mountPath: /var/www/html/config - subPath: {{ ternary "config" (printf "%s/%s" .Values.nextcloud.persistence.subPath "config") (empty .Values.nextcloud.persistence.subPath) }} + subPath: {{ ternary "config" (printf "%s/config" .Values.nextcloud.persistence.subPath) (empty .Values.nextcloud.persistence.subPath) }} - name: nextcloud-main mountPath: /var/www/html/custom_apps - subPath: {{ ternary "custom_apps" (printf "%s/%s" .Values.nextcloud.persistence.subPath "custom_apps") (empty .Values.nextcloud.persistence.subPath) }} + subPath: {{ ternary "custom_apps" (printf "%s/custom_apps" .Values.nextcloud.persistence.subPath) (empty .Values.nextcloud.persistence.subPath) }} - name: nextcloud-main mountPath: /var/www/tmp - subPath: {{ ternary "tmp" (printf "%s/%s" .Values.nextcloud.persistence.subPath "tmp") (empty .Values.nextcloud.persistence.subPath) }} + subPath: {{ ternary "tmp" (printf "%s/tmp" .Values.nextcloud.persistence.subPath) (empty .Values.nextcloud.persistence.subPath) }} - name: nextcloud-main mountPath: /var/www/html/themes - subPath: {{ ternary "themes" (printf "%s/%s" .Values.nextcloud.persistence.subPath "themes") (empty .Values.nextcloud.persistence.subPath) }} + subPath: {{ ternary "themes" (printf "%s/themes" .Values.nextcloud.persistence.subPath) (empty .Values.nextcloud.persistence.subPath) }} {{- range $key, $value := .Values.nextcloud.configs }} - name: nextcloud-config mountPath: /var/www/html/config/{{ $key }} diff --git a/charts/nextcloud/templates/config.yaml b/charts/nextcloud/templates/config.yaml index 2e811f16..6976741a 100644 --- a/charts/nextcloud/templates/config.yaml +++ b/charts/nextcloud/templates/config.yaml @@ -9,12 +9,12 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} data: -{{- range $key, $value := .Values.nextcloud.configs }} + {{- range $key, $value := .Values.nextcloud.configs }} {{ $key }}: |- -{{ $value | indent 4 }} -{{- end }} -{{- if .Values.nextcloud.defaultConfigs }} -{{- if index .Values.nextcloud.defaultConfigs ".htaccess" }} + {{ $value | nindent 4 }} + {{- end }} + {{- if .Values.nextcloud.defaultConfigs }} + {{- if index .Values.nextcloud.defaultConfigs ".htaccess" }} .htaccess: |- # line below if for Apache 2.4 @@ -28,8 +28,8 @@ data: IndexIgnore * -{{- end }} -{{- if index .Values.nextcloud.defaultConfigs "redis.config.php" }} + {{- end }} + {{- if index .Values.nextcloud.defaultConfigs "redis.config.php" }} redis.config.php: |- array( 'host' => getenv('REDIS_HOST'), 'port' => getenv('REDIS_HOST_PORT') ?: 6379, -{{- if .Values.redis.auth.enabled }} + {{- if .Values.redis.auth.enabled }} 'password' => getenv('REDIS_HOST_PASSWORD'), -{{- end }} + {{- end }} ), ); } -{{- end }} -{{- if index .Values.nextcloud.defaultConfigs "apache-pretty-urls.config.php" }} + {{- end }} + {{- if index .Values.nextcloud.defaultConfigs "apache-pretty-urls.config.php" }} apache-pretty-urls.config.php: |- '/', ); -{{- end }} -{{- if index .Values.nextcloud.defaultConfigs "apcu.config.php" }} + {{- end }} + {{- if index .Values.nextcloud.defaultConfigs "apcu.config.php" }} apcu.config.php: |- '\OC\Memcache\APCu', ); -{{- end }} -{{- if index .Values.nextcloud.defaultConfigs "apps.config.php" }} + {{- end }} + {{- if index .Values.nextcloud.defaultConfigs "apps.config.php" }} apps.config.php: |- getenv('MAIL_DOMAIN'), ); } -{{- end }} -{{- end }} -{{- end }} + {{- end }} + {{- end }}{{/* end-if defaultConfigs */}} + {{- end }}{{/* end-if configs */}} diff --git a/charts/nextcloud/templates/db-secret.yaml b/charts/nextcloud/templates/db-secret.yaml index 1a4eaf4c..dcc3129a 100644 --- a/charts/nextcloud/templates/db-secret.yaml +++ b/charts/nextcloud/templates/db-secret.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ printf "%s-%s" .Release.Name "db" }} + name: {{ .Release.Name }}-db labels: app.kubernetes.io/name: {{ include "nextcloud.name" . }} helm.sh/chart: {{ include "nextcloud.chart" . }} @@ -12,14 +12,14 @@ metadata: type: Opaque data: {{- if .Values.mariadb.enabled }} - db-password: {{ default "" .Values.mariadb.auth.password | b64enc | quote }} - db-username: {{ default "" .Values.mariadb.auth.username | b64enc | quote }} + db-username: {{ .Values.mariadb.auth.username | b64enc | quote }} + db-password: {{ .Values.mariadb.auth.password | b64enc | quote }} {{- else if .Values.postgresql.enabled }} - db-password: {{ default "" .Values.postgresql.global.postgresql.auth.password | b64enc | quote }} - db-username: {{ default "" .Values.postgresql.global.postgresql.auth.username | b64enc | quote }} + db-username: {{ .Values.postgresql.global.postgresql.auth.username | b64enc | quote }} + db-password: {{ .Values.postgresql.global.postgresql.auth.password | b64enc | quote }} {{- else }} - db-password: {{ default "" .Values.externalDatabase.password | b64enc | quote }} - db-username: {{ default "" .Values.externalDatabase.user | b64enc | quote }} + db-username: {{ .Values.externalDatabase.user | b64enc | quote }} + db-password: {{ .Values.externalDatabase.password | b64enc | quote }} {{- end }} {{- end }} {{- end }} diff --git a/charts/nextcloud/templates/deployment.yaml b/charts/nextcloud/templates/deployment.yaml index 6834f68f..5b44e8bc 100644 --- a/charts/nextcloud/templates/deployment.yaml +++ b/charts/nextcloud/templates/deployment.yaml @@ -1,3 +1,4 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: @@ -8,17 +9,17 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/component: app - {{- if .Values.deploymentLabels }} -{{ toYaml .Values.deploymentLabels | indent 4 }} - {{- end }} - {{- if .Values.deploymentAnnotations }} + {{- with .Values.deploymentLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.deploymentAnnotations }} annotations: -{{ toYaml .Values.deploymentAnnotations | indent 4 }} + {{- toYaml . | nindent 4 }} {{- end }} spec: replicas: {{ .Values.replicaCount }} strategy: -{{ toYaml .Values.nextcloud.strategy | indent 4 }} + {{- toYaml .Values.nextcloud.strategy | nindent 4 }} selector: matchLabels: app.kubernetes.io/name: {{ include "nextcloud.name" . }} @@ -33,8 +34,8 @@ spec: {{- if .Values.redis.enabled }} {{ template "nextcloud.redis.fullname" . }}-client: "true" {{- end }} - {{- if .Values.podLabels }} -{{ toYaml .Values.podLabels | indent 8 }} + {{- with .Values.podLabels }} + {{- toYaml .Values.podLabels | nindent 8 }} {{- end }} annotations: nextcloud-config-hash: {{ print (toJson .Values.nextcloud.defaultConfigs) "-" (toJson .Values.nextcloud.configs) | sha256sum }} @@ -42,315 +43,322 @@ spec: {{- if .Values.nginx.enabled }} nginx-config-hash: {{ print .Values.nginx.config.default "-" .Values.nginx.config.custom | sha256sum }} {{- end }} - {{- if .Values.podAnnotations }} -{{ toYaml .Values.podAnnotations | indent 8 }} + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} {{- end }} spec: - {{- if .Values.image.pullSecrets }} + {{- with .Values.image.pullSecrets }} imagePullSecrets: - {{- range .Values.image.pullSecrets }} + {{- range . }} - name: {{ . }} - {{- end}} + {{- end}} {{- end }} containers: - - name: {{ .Chart.Name }} - image: {{ include "nextcloud.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- if .Values.lifecycle }} - lifecycle: - {{- if .Values.lifecycle.postStartCommand }} - postStart: - exec: - command: - {{- toYaml .Values.lifecycle.postStartCommand | nindent 16 -}} - {{- end }} - {{- if .Values.lifecycle.preStopCommand }} - preStop: - exec: - command: - {{- toYaml .Values.lifecycle.preStopCommand | nindent 16 -}} - {{- end }} - {{- end }} - env: -{{- include "nextcloud.env" . | indent 8 }} - {{- if not .Values.nginx.enabled }} - ports: - - name: http - containerPort: {{ .Values.nextcloud.containerPort }} - protocol: TCP - {{- end }} - {{- if and .Values.livenessProbe.enabled (not .Values.nginx.enabled) }} - livenessProbe: - httpGet: - path: /status.php - port: {{ .Values.nextcloud.containerPort }} - httpHeaders: - - name: Host - value: {{ .Values.nextcloud.host | quote }} - initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.livenessProbe.failureThreshold }} - {{- end }} - {{- if and .Values.readinessProbe.enabled (not .Values.nginx.enabled) }} - readinessProbe: - httpGet: - path: /status.php - port: {{ .Values.nextcloud.containerPort }} - httpHeaders: - - name: Host - value: {{ .Values.nextcloud.host | quote }} - initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.readinessProbe.failureThreshold }} - {{- end }} - {{- if and .Values.startupProbe.enabled (not .Values.nginx.enabled) }} - startupProbe: - httpGet: - path: /status.php - port: {{ .Values.nextcloud.containerPort }} - httpHeaders: - - name: Host - value: {{ .Values.nextcloud.host | quote }} - initialDelaySeconds: {{ .Values.startupProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.startupProbe.periodSeconds }} - timeoutSeconds: {{ .Values.startupProbe.timeoutSeconds }} - successThreshold: {{ .Values.startupProbe.successThreshold }} - failureThreshold: {{ .Values.startupProbe.failureThreshold }} - {{- end }} - resources: -{{ toYaml .Values.resources | indent 10 }} - {{- if .Values.nextcloud.securityContext}} - securityContext: + - name: {{ .Chart.Name }} + image: {{ include "nextcloud.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- with .Values.lifecycle }} + lifecycle: + {{- with .postStartCommand }} + postStart: + exec: + command: + {{- toYaml . | nindent 18 -}} + {{- end }} + {{- with .preStopCommand }} + preStop: + exec: + command: + {{- toYaml . | nindent 18 -}} + {{- end }} + {{- end }} + env: + {{- include "nextcloud.env" . | nindent 12 }} + {{- if not .Values.nginx.enabled }} + ports: + - name: http + containerPort: {{ .Values.nextcloud.containerPort }} + protocol: TCP + {{- with .Values.livenessProbe }} + {{- if .enabled }} + livenessProbe: + httpGet: + path: /status.php + port: {{ $.Values.nextcloud.containerPort }} + httpHeaders: + - name: Host + value: {{ $.Values.nextcloud.host | quote }} + initialDelaySeconds: {{ .initialDelaySeconds }} + periodSeconds: {{ .periodSeconds }} + timeoutSeconds: {{ .timeoutSeconds }} + successThreshold: {{ .successThreshold }} + failureThreshold: {{ .failureThreshold }} + {{- end }} + {{- end }} + {{- with .Values.readinessProbe }} + {{- if .enabled }} + readinessProbe: + httpGet: + path: /status.php + port: {{ $.Values.nextcloud.containerPort }} + httpHeaders: + - name: Host + value: {{ $.Values.nextcloud.host | quote }} + initialDelaySeconds: {{ .initialDelaySeconds }} + periodSeconds: {{ .periodSeconds }} + timeoutSeconds: {{ .timeoutSeconds }} + successThreshold: {{ .successThreshold }} + failureThreshold: {{ .failureThreshold }} + {{- end }} + {{- end }} + {{- with .Values.startupProbe }} + {{- if .enabled }} + startupProbe: + httpGet: + path: /status.php + port: {{ $.Values.nextcloud.containerPort }} + httpHeaders: + - name: Host + value: {{ $.Values.nextcloud.host | quote }} + initialDelaySeconds: {{ .initialDelaySeconds }} + periodSeconds: {{ .periodSeconds }} + timeoutSeconds: {{ .timeoutSeconds }} + successThreshold: {{ .successThreshold }} + failureThreshold: {{ .failureThreshold }} + {{- end }} + {{- end }} + {{- end }}{{/* end-if not nginx.enabled */}} + resources: + {{- toYaml .Values.resources | nindent 12 }} {{- with .Values.nextcloud.securityContext }} - {{- toYaml . | nindent 10 }} + securityContext: + {{- toYaml . | nindent 12 }} {{- end }} - {{- end }} - volumeMounts: - {{- include "nextcloud.volumeMounts" . | trim | nindent 8 }} - {{- if .Values.cronjob.enabled }} - - name: {{ .Chart.Name }}-cron - image: {{ include "nextcloud.image" . }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - command: - - /cron.sh - {{- if .Values.cronjob.lifecycle }} - lifecycle: - {{- if .Values.cronjob.lifecycle.postStartCommand }} - postStart: - exec: - command: - {{- toYaml .Values.cronjob.lifecycle.postStartCommand | nindent 16 -}} - {{- end }} - {{- if .Values.cronjob.lifecycle.preStopCommand }} - preStop: - exec: - command: - {{- toYaml .Values.cronjob.lifecycle.preStopCommand | nindent 16 -}} - {{- end }} - {{- end }} - env: -{{- include "nextcloud.env" . | indent 8 }} - resources: -{{ toYaml .Values.cronjob.resources | indent 10 }} - {{- if .Values.cronjob.securityContext}} - securityContext: - {{- with .Values.cronjob.securityContext }} - {{- toYaml . | nindent 10 }} + volumeMounts: + {{- include "nextcloud.volumeMounts" . | trim | nindent 12 }} + {{- if .Values.nginx.enabled }} + - name: {{ .Chart.Name }}-nginx + image: "{{ .Values.nginx.image.repository }}:{{ .Values.nginx.image.tag }}" + imagePullPolicy: {{ .Values.nginx.image.pullPolicy }} + ports: + - name: http + protocol: TCP + containerPort: {{ .Values.nextcloud.containerPort }} + {{- with .Values.livenessProbe }} + {{- if .enabled }} + livenessProbe: + httpGet: + path: /status.php + port: {{ $.Values.nextcloud.containerPort }} + httpHeaders: + - name: Host + value: {{ $.Values.nextcloud.host | quote }} + initialDelaySeconds: {{ .initialDelaySeconds }} + periodSeconds: {{ .periodSeconds }} + timeoutSeconds: {{ .timeoutSeconds }} + successThreshold: {{ .successThreshold }} + failureThreshold: {{ .failureThreshold }} {{- end }} - {{- end }} - volumeMounts: -{{- include "nextcloud.volumeMounts" . | trim | nindent 8 }} - {{- end }} - {{- if .Values.nginx.enabled }} - - name: {{ .Chart.Name }}-nginx - image: "{{ .Values.nginx.image.repository }}:{{ .Values.nginx.image.tag }}" - imagePullPolicy: {{ .Values.nginx.image.pullPolicy }} - ports: - - name: http - containerPort: {{ .Values.nextcloud.containerPort }} - protocol: TCP - {{- if .Values.livenessProbe.enabled }} - livenessProbe: - httpGet: - path: /status.php - port: http - httpHeaders: - - name: Host - value: {{ .Values.nextcloud.host | quote }} - initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.livenessProbe.failureThreshold }} - {{- end }} - {{- if .Values.readinessProbe.enabled }} - readinessProbe: - httpGet: - path: /status.php - port: {{ .Values.nextcloud.containerPort }} - httpHeaders: - - name: Host - value: {{ .Values.nextcloud.host | quote }} - initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.readinessProbe.failureThreshold }} - {{- end }} - {{- if .Values.startupProbe.enabled }} - startupProbe: - httpGet: - path: /status.php - port: {{ .Values.nextcloud.containerPort }} - httpHeaders: - - name: Host - value: {{ .Values.nextcloud.host | quote }} - initialDelaySeconds: {{ .Values.startupProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.startupProbe.periodSeconds }} - timeoutSeconds: {{ .Values.startupProbe.timeoutSeconds }} - successThreshold: {{ .Values.startupProbe.successThreshold }} - failureThreshold: {{ .Values.startupProbe.failureThreshold }} - {{- end }} + {{- end }} + {{- with .Values.readinessProbe }} + {{- if .enabled }} + readinessProbe: + httpGet: + path: /status.php + port: {{ $.Values.nextcloud.containerPort }} + httpHeaders: + - name: Host + value: {{ $.Values.nextcloud.host | quote }} + initialDelaySeconds: {{ .initialDelaySeconds }} + periodSeconds: {{ .periodSeconds }} + timeoutSeconds: {{ .timeoutSeconds }} + successThreshold: {{ .successThreshold }} + failureThreshold: {{ .failureThreshold }} + {{- end }} + {{- end }} + {{- with .Values.startupProbe }} + {{- if .enabled }} + startupProbe: + httpGet: + path: /status.php + port: {{ $.Values.nextcloud.containerPort }} + httpHeaders: + - name: Host + value: {{ $.Values.nextcloud.host | quote }} + initialDelaySeconds: {{ .initialDelaySeconds }} + periodSeconds: {{ .periodSeconds }} + timeoutSeconds: {{ .timeoutSeconds }} + successThreshold: {{ .successThreshold }} + failureThreshold: {{ .failureThreshold }} + {{- end }} + {{- end }} - resources: -{{ toYaml .Values.nginx.resources | indent 10 }} - {{- if .Values.nginx.securityContext}} - securityContext: + resources: + {{- toYaml .Values.nginx.resources | nindent 12 }} {{- with .Values.nginx.securityContext }} - {{- toYaml . | nindent 10 }} + securityContext: + {{- toYaml . | nindent 12 }} {{- end }} + volumeMounts: + - name: nextcloud-main + mountPath: /var/www/ + subPath: {{ ternary "root" (printf "%s/root" .Values.nextcloud.persistence.subPath) (empty .Values.nextcloud.persistence.subPath) }} + - name: nextcloud-main + mountPath: /var/www/html + subPath: {{ ternary "html" (printf "%s/html" .Values.nextcloud.persistence.subPath) (empty .Values.nextcloud.persistence.subPath) }} + {{- if and .Values.persistence.nextcloudData.enabled .Values.persistence.enabled }} + - name: nextcloud-data + mountPath: {{ .Values.nextcloud.datadir }} + subPath: {{ ternary "data" (printf "%s/data" .Values.persistence.nextcloudData.subPath) (empty .Values.persistence.nextcloudData.subPath) }} + {{- else }} + - name: nextcloud-main + mountPath: {{ .Values.nextcloud.datadir }} + subPath: {{ ternary "data" (printf "%s/data" .Values.persistence.subPath) (empty .Values.persistence.subPath) }} + {{- end }} + - name: nextcloud-main + mountPath: /var/www/html/config + subPath: {{ ternary "config" (printf "%s/config" .Values.nextcloud.persistence.subPath) (empty .Values.nextcloud.persistence.subPath) }} + - name: nextcloud-main + mountPath: /var/www/html/custom_apps + subPath: {{ ternary "custom_apps" (printf "%s/custom_apps" .Values.nextcloud.persistence.subPath) (empty .Values.nextcloud.persistence.subPath) }} + - name: nextcloud-main + mountPath: /var/www/tmp + subPath: {{ ternary "tmp" (printf "%s/tmp" .Values.nextcloud.persistence.subPath) (empty .Values.nextcloud.persistence.subPath) }} + - name: nextcloud-main + mountPath: /var/www/html/themes + subPath: {{ ternary "themes" (printf "%s/themes" .Values.nextcloud.persistence.subPath) (empty .Values.nextcloud.persistence.subPath) }} + - name: nextcloud-nginx-config + mountPath: /etc/nginx/nginx.conf + subPath: nginx.conf + {{- with .Values.nextcloud.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{- end }}{{/* end-if nginx.enabled */}} + {{- if .Values.cronjob.enabled }} + - name: {{ .Chart.Name }}-cron + image: {{ include "nextcloud.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: + - /cron.sh + {{- with .Values.cronjob.lifecycle }} + lifecycle: + {{- with .postStartCommand }} + postStart: + exec: + command: + {{- toYaml . | nindent 18 -}} + {{- end }} + {{- with .preStopCommand }} + preStop: + exec: + command: + {{- toYaml . | nindent 18 -}} + {{- end }} + {{- end }} + env: + {{- include "nextcloud.env" . | nindent 12 }} + resources: + {{- toYaml .Values.cronjob.resources | nindent 12 }} + {{- with .Values.cronjob.securityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + {{- include "nextcloud.volumeMounts" . | trim | nindent 12 }} + {{- end }}{{/* end-if cronjob.enabled */}} + {{- with .Values.nextcloud.extraSidecarContainers }} + {{- toYaml . | nindent 8 }} {{- end }} - volumeMounts: - - name: nextcloud-main - mountPath: /var/www/ - subPath: {{ ternary "root" (printf "%s/%s" .Values.nextcloud.persistence.subPath "root") (empty .Values.nextcloud.persistence.subPath) }} - - name: nextcloud-main - mountPath: /var/www/html - subPath: {{ ternary "html" (printf "%s/%s" .Values.nextcloud.persistence.subPath "html") (empty .Values.nextcloud.persistence.subPath) }} - {{- if and .Values.persistence.nextcloudData.enabled .Values.persistence.enabled }} - - name: nextcloud-data - mountPath: {{ .Values.nextcloud.datadir }} - subPath: {{ ternary "data" (printf "%s/%s" .Values.persistence.nextcloudData.subPath "data") (empty .Values.persistence.nextcloudData.subPath) }} - {{- else }} - - name: nextcloud-main - mountPath: {{ .Values.nextcloud.datadir }} - subPath: {{ ternary "data" (printf "%s/%s" .Values.persistence.subPath "data") (empty .Values.persistence.subPath) }} - {{- end }} - - name: nextcloud-main - mountPath: /var/www/html/config - subPath: {{ ternary "config" (printf "%s/%s" .Values.nextcloud.persistence.subPath "config") (empty .Values.nextcloud.persistence.subPath) }} - - name: nextcloud-main - mountPath: /var/www/html/custom_apps - subPath: {{ ternary "custom_apps" (printf "%s/%s" .Values.nextcloud.persistence.subPath "custom_apps") (empty .Values.nextcloud.persistence.subPath) }} - - name: nextcloud-main - mountPath: /var/www/tmp - subPath: {{ ternary "tmp" (printf "%s/%s" .Values.nextcloud.persistence.subPath "tmp") (empty .Values.nextcloud.persistence.subPath) }} - - name: nextcloud-main - mountPath: /var/www/html/themes - subPath: {{ ternary "themes" (printf "%s/%s" .Values.nextcloud.persistence.subPath "themes") (empty .Values.nextcloud.persistence.subPath) }} - - name: nextcloud-nginx-config - mountPath: /etc/nginx/nginx.conf - subPath: nginx.conf - {{- if .Values.nextcloud.extraVolumeMounts }} - {{- toYaml .Values.nextcloud.extraVolumeMounts | nindent 8 }} - {{- end }} - {{- end }} - {{- with .Values.nextcloud.extraSidecarContainers }} - {{- toYaml . | nindent 6 }} - {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- if or .Values.nextcloud.extraInitContainers .Values.mariadb.enabled .Values.postgresql.enabled }} initContainers: - {{- if .Values.nextcloud.extraInitContainers }} - {{- toYaml .Values.nextcloud.extraInitContainers | nindent 6 }} - {{- end }} - {{- if .Values.mariadb.enabled }} - - name: mariadb-isalive - image: {{ .Values.mariadb.image.registry }}/{{ .Values.mariadb.image.repository }}:{{ .Values.mariadb.image.tag }} - env: - - name: MYSQL_USER - valueFrom: - secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} - key: {{ .Values.externalDatabase.existingSecret.usernameKey | default "db-username" }} - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} - key: {{ .Values.externalDatabase.existingSecret.passwordKey | default "db-password" }} - command: - - "sh" - - "-c" - - {{ printf "until mysql --host=%s-mariadb --user=${MYSQL_USER} --password=${MYSQL_PASSWORD} --execute=\"SELECT 1;\"; do echo waiting for mysql; sleep 2; done;" .Release.Name }} - {{- else if .Values.postgresql.enabled }} - - name: postgresql-isready - image: {{ .Values.postgresql.image.repository }}:{{ .Values.postgresql.image.tag }} - env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} - key: {{ .Values.externalDatabase.existingSecret.usernameKey | default "db-username" }} - - name: POSTGRES_HOST - value: {{ template "postgresql.v1.primary.fullname" .Subcharts.postgresql }} - command: - - "sh" - - "-c" - - "until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 ; done" - {{- end }} - {{- end }} - {{- with .Values.affinity }} + {{- with .Values.nextcloud.extraInitContainers }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.mariadb.enabled }} + - name: mariadb-isalive + image: {{ .Values.mariadb.image.registry }}/{{ .Values.mariadb.image.repository }}:{{ .Values.mariadb.image.tag }} + env: + - name: MYSQL_USER + valueFrom: + secretKeyRef: + name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }} + key: {{ .Values.externalDatabase.existingSecret.usernameKey }} + - name: MYSQL_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }} + key: {{ .Values.externalDatabase.existingSecret.passwordKey }} + command: + - "sh" + - "-c" + - {{ printf "until mysql --host=%s-mariadb --user=${MYSQL_USER} --password=${MYSQL_PASSWORD} --execute=\"SELECT 1;\"; do echo waiting for mysql; sleep 2; done;" .Release.Name }} + {{- else if .Values.postgresql.enabled }} + - name: postgresql-isready + image: {{ .Values.postgresql.image.repository }}:{{ .Values.postgresql.image.tag }} + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }} + key: {{ .Values.externalDatabase.existingSecret.usernameKey }} + - name: POSTGRES_HOST + value: {{ template "postgresql.v1.primary.fullname" .Subcharts.postgresql }} + command: + - "sh" + - "-c" + - "until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 ; done" + {{- end }}{{/* end-if any database-initContainer */}} + {{- end }}{{/* end-if any initContainer */}} + {{- with .Values.affinity }} affinity: {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} + {{- end }} + {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} - {{- end }} - volumes: - - name: nextcloud-main - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "nextcloud.fullname" . }}-nextcloud{{- end }} - {{- else }} - emptyDir: {} - {{- end }} - {{- if and .Values.persistence.nextcloudData.enabled .Values.persistence.enabled }} - - name: nextcloud-data - persistentVolumeClaim: - claimName: {{ if .Values.persistence.nextcloudData.existingClaim }}{{ .Values.persistence.nextcloudData.existingClaim }}{{- else }}{{ template "nextcloud.fullname" . }}-nextcloud-data{{- end }} - {{- end }} - {{- if .Values.nextcloud.configs }} - - name: nextcloud-config - configMap: - name: {{ template "nextcloud.fullname" . }}-config - {{- end }} - {{- if .Values.nextcloud.phpConfigs }} - - name: nextcloud-phpconfig - configMap: - name: {{ template "nextcloud.fullname" . }}-phpconfig - {{- end }} - {{- if .Values.nginx.enabled }} - - name: nextcloud-nginx-config - configMap: - name: {{ template "nextcloud.fullname" . }}-nginxconfig - {{- end }} - {{- if .Values.nextcloud.extraVolumes }} -{{ toYaml .Values.nextcloud.extraVolumes | indent 6 }} {{- end }} + volumes: + - name: nextcloud-main + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "nextcloud.fullname" . }}-nextcloud{{- end }} + {{- else }} + emptyDir: {} + {{- end }} + {{- if and .Values.persistence.nextcloudData.enabled .Values.persistence.enabled }} + - name: nextcloud-data + persistentVolumeClaim: + claimName: {{ if .Values.persistence.nextcloudData.existingClaim }}{{ .Values.persistence.nextcloudData.existingClaim }}{{- else }}{{ template "nextcloud.fullname" . }}-nextcloud-data{{- end }} + {{- end }} + {{- if .Values.nextcloud.configs }} + - name: nextcloud-config + configMap: + name: {{ template "nextcloud.fullname" . }}-config + {{- end }} + {{- if .Values.nextcloud.phpConfigs }} + - name: nextcloud-phpconfig + configMap: + name: {{ template "nextcloud.fullname" . }}-phpconfig + {{- end }} + {{- if .Values.nginx.enabled }} + - name: nextcloud-nginx-config + configMap: + name: {{ template "nextcloud.fullname" . }}-nginxconfig + {{- end }} + {{- with .Values.nextcloud.extraVolumes }} + {{- toYaml . | nindent 6 }} + {{- end }} securityContext: - {{- if .Values.nextcloud.podSecurityContext }} - {{- with .Values.nextcloud.podSecurityContext }} - {{- toYaml . | nindent 8 }} + {{- with .Values.securityContext }} + {{- toYaml . | nindent 8 }} {{- end }} - {{- else }} + {{- with .Values.nextcloud.podSecurityContext }} + {{- toYaml . | nindent 8 }} + {{- else }} {{- if .Values.nginx.enabled }} # Will mount configuration files as www-data (id: 82) for nextcloud fsGroup: 82 @@ -358,12 +366,7 @@ spec: # Will mount configuration files as www-data (id: 33) for nextcloud fsGroup: 33 {{- end }} - {{- if .Values.securityContext }} - {{- with .Values.securityContext }} - {{- toYaml . | nindent 8 }} - {{- end }} - {{- end }} - {{- end }} + {{- end }}{{/* end-with podSecurityContext */}} {{- if .Values.rbac.enabled }} serviceAccountName: {{ .Values.rbac.serviceaccount.name }} {{- end }} diff --git a/charts/nextcloud/templates/metrics-deployment.yaml b/charts/nextcloud/templates/metrics-deployment.yaml index e4c71853..ea30e918 100644 --- a/charts/nextcloud/templates/metrics-deployment.yaml +++ b/charts/nextcloud/templates/metrics-deployment.yaml @@ -43,18 +43,18 @@ spec: valueFrom: secretKeyRef: name: {{ .Values.nextcloud.existingSecret.secretName | default (include "nextcloud.fullname" .) }} - key: {{ .Values.nextcloud.existingSecret.tokenKey | default "nextcloud-token" }} + key: {{ .Values.nextcloud.existingSecret.tokenKey }} {{- else }} - name: NEXTCLOUD_USERNAME valueFrom: secretKeyRef: name: {{ .Values.nextcloud.existingSecret.secretName | default (include "nextcloud.fullname" .) }} - key: {{ .Values.nextcloud.existingSecret.usernameKey | default "nextcloud-username" }} + key: {{ .Values.nextcloud.existingSecret.usernameKey }} - name: NEXTCLOUD_PASSWORD valueFrom: secretKeyRef: name: {{ .Values.nextcloud.existingSecret.secretName | default (include "nextcloud.fullname" .) }} - key: {{ .Values.nextcloud.existingSecret.passwordKey | default "nextcloud-password" }} + key: {{ .Values.nextcloud.existingSecret.passwordKey }} {{- end }} # NEXTCLOUD_SERVER is used by metrics-exporter to reach the Nextcloud (K8s-)Service to grab the serverinfo api endpoint - name: NEXTCLOUD_SERVER diff --git a/charts/nextcloud/values.yaml b/charts/nextcloud/values.yaml index 4d4d93c4..12828542 100644 --- a/charts/nextcloud/values.yaml +++ b/charts/nextcloud/values.yaml @@ -78,12 +78,12 @@ nextcloud: existingSecret: enabled: false # secretName: nameofsecret - # usernameKey: nextcloud-username - # passwordKey: nextcloud-password - # tokenKey: nextcloud-token - # smtpUsernameKey: smtp-username - # smtpPasswordKey: smtp-password - # smtpHostKey: smtp-host + usernameKey: nextcloud-username + passwordKey: nextcloud-password + tokenKey: nextcloud-token + smtpUsernameKey: smtp-username + smtpPasswordKey: smtp-password + smtpHostKey: smtp-host update: 0 # If web server is not binding default port, you can define it containerPort: 80 @@ -252,7 +252,7 @@ externalDatabase: user: nextcloud ## Database password - password: + password: "" ## Database name database: nextcloud @@ -261,8 +261,8 @@ externalDatabase: existingSecret: enabled: false # secretName: nameofsecret - # usernameKey: db-username - # passwordKey: db-password + usernameKey: db-username + passwordKey: db-password # hostKey: db-hostname-or-ip # databaseKey: db-name From 4cb7445cb9986add4479f4f97c85e508a0094943 Mon Sep 17 00:00:00 2001 From: WrenIX <133280015+wrenix@users.noreply.github.com> Date: Mon, 20 Nov 2023 11:15:12 +0100 Subject: [PATCH 3/8] fix: after #465 (remove before * fix: podLabel inside of with Signed-off-by: WrenIX <133280015+wrenix@users.noreply.github.com> --------- Signed-off-by: WrenIX Signed-off-by: WrenIX <133280015+wrenix@users.noreply.github.com> --- charts/nextcloud/Chart.yaml | 2 +- charts/nextcloud/templates/config.yaml | 2 +- charts/nextcloud/templates/deployment.yaml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/nextcloud/Chart.yaml b/charts/nextcloud/Chart.yaml index 0a55845f..26b03113 100644 --- a/charts/nextcloud/Chart.yaml +++ b/charts/nextcloud/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: nextcloud -version: 4.5.1 +version: 4.5.2 appVersion: 27.1.3 description: A file sharing server that puts the control and security of your own data back into your hands. keywords: diff --git a/charts/nextcloud/templates/config.yaml b/charts/nextcloud/templates/config.yaml index 6976741a..a6a7cb4c 100644 --- a/charts/nextcloud/templates/config.yaml +++ b/charts/nextcloud/templates/config.yaml @@ -11,7 +11,7 @@ metadata: data: {{- range $key, $value := .Values.nextcloud.configs }} {{ $key }}: |- - {{ $value | nindent 4 }} + {{- $value | nindent 4 }} {{- end }} {{- if .Values.nextcloud.defaultConfigs }} {{- if index .Values.nextcloud.defaultConfigs ".htaccess" }} diff --git a/charts/nextcloud/templates/deployment.yaml b/charts/nextcloud/templates/deployment.yaml index 5b44e8bc..af7704a7 100644 --- a/charts/nextcloud/templates/deployment.yaml +++ b/charts/nextcloud/templates/deployment.yaml @@ -35,7 +35,7 @@ spec: {{ template "nextcloud.redis.fullname" . }}-client: "true" {{- end }} {{- with .Values.podLabels }} - {{- toYaml .Values.podLabels | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} annotations: nextcloud-config-hash: {{ print (toJson .Values.nextcloud.defaultConfigs) "-" (toJson .Values.nextcloud.configs) | sha256sum }} @@ -350,7 +350,7 @@ spec: name: {{ template "nextcloud.fullname" . }}-nginxconfig {{- end }} {{- with .Values.nextcloud.extraVolumes }} - {{- toYaml . | nindent 6 }} + {{- toYaml . | nindent 8 }} {{- end }} securityContext: {{- with .Values.securityContext }} From 2ee0dd9c0984f2c86312c90a93c843d38d847d86 Mon Sep 17 00:00:00 2001 From: Maximilien McDermott Date: Thu, 23 Nov 2023 04:17:54 -0600 Subject: [PATCH 4/8] Logging documentation update (#443) (#482) * Logging documentation update (#443) Signed-off-by: Veymax * Apply suggestions from code review Rolling in suggestions Co-authored-by: JesseBot Signed-off-by: Maximilien McDermott * Adds linkable titles and syntax highlighting Signed-off-by: Veymax --------- Signed-off-by: Veymax Signed-off-by: Maximilien McDermott Co-authored-by: JesseBot --- charts/nextcloud/README.md | 61 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 61 insertions(+) diff --git a/charts/nextcloud/README.md b/charts/nextcloud/README.md index 51c80648..5cfc1009 100644 --- a/charts/nextcloud/README.md +++ b/charts/nextcloud/README.md @@ -30,6 +30,7 @@ helm install my-release nextcloud/nextcloud * [Downloading models for recognize](#downloading-models-for-recognize) * [Backups](#backups) * [Upgrades](#upgrades) +* [Troubleshooting](#troubleshooting) ## Introduction @@ -485,3 +486,63 @@ After an upgrade, you may have missing indices. To fix this, you can run: # where NEXTCLOUD_POD is *your* nextcloud pod kubectl exec -it $NEXTCLOUD_POD -- su -s /bin/sh www-data -c "php occ db:add-missing-indices" ``` + +# Troubleshooting + +## Logging +The nextcloud instance deployed by this chart doesn't currently create a log file locally inside the container. +Examples scenarios to change this behavior include: + - Triaging mailserver issues + - Any time you're confused by server behavior and need more context + - Before submitting a GitHub Issue (you can include relevant log messages that way) + +### Changing the logging behavior +To change the logging behavior, modify your `logging.config.php` in your `values.yaml` under the `nextcloud.configs` section like so: +```yaml +nextcloud: + configs: + logging.config.php: |- + 'file', + 'logfile' => 'nextcloud.log', + 'loglevel' => 0, + 'logdateformat' => 'F d, Y H:i:s' + ); +``` +`loglevel` corresponds to the detail of the logs. Valid values are: +``` +0: DEBUG: All activity; the most detailed logging. + +1: INFO: Activity such as user logins and file activities, plus warnings, errors, and fatal errors. + +2: WARN: Operations succeed, but with warnings of potential problems, plus errors and fatal errors. + +3: ERROR: An operation fails, but other services and operations continue, plus fatal errors. + +4: FATAL: The server stops. +``` +[More information about Nextcloud logging](https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/logging_configuration.html) + +### Viewing the logs +To view logs after changing the logging behavior, you can exec into the Kubernetes pod, or copy them to your local machine. + +#### Exec into the kubernetes pod: +```bash +kubectl exec --stdin --tty nextcloud-pod-name-random-chars -- /bin/sh +``` + +#### Then look for the `nextcloud.log` file with tail or cat: + +```bash +cat nextcloud.log +tail -f nextcloud.log +``` + +#### Copy the log file to your local machine: +```bash +kubectl cp default/nextcloud-pod-name-random-chars:nextcloud.log ./my-local-machine-nextcloud.log +``` + +### Sharing the logs +Remember to anonymize your logs and snippets from your pod before sharing them with the internet. Kubernetes secrets, even Sealed ones, live in plaintext `env` variables on your running containers, and log messages can include other information that should stay safely with you. From b62953a9fd0192ae223e4e2d494fbcb37beb6e1d Mon Sep 17 00:00:00 2001 From: Florent Poinsaut <1256948+FlorentPoinsaut@users.noreply.github.com> Date: Wed, 29 Nov 2023 11:13:32 +0100 Subject: [PATCH 5/8] Allow NGINX additional config (#393) * Allow NGINX additional config Signed-off-by: Florent Poinsaut * Fix ConfiMap mount Signed-off-by: Florent Poinsaut * Fix default config file name Signed-off-by: Florent Poinsaut * upgrade chart version Signed-off-by: Florent Poinsaut * Bump chart version Signed-off-by: Florent Poinsaut * Update charts/nextcloud/Chart.yaml Co-authored-by: JesseBot Signed-off-by: Florent Poinsaut <1256948+FlorentPoinsaut@users.noreply.github.com> --------- Signed-off-by: Florent Poinsaut Signed-off-by: Florent Poinsaut <1256948+FlorentPoinsaut@users.noreply.github.com> Co-authored-by: JesseBot --- charts/nextcloud/Chart.yaml | 2 +- charts/nextcloud/templates/deployment.yaml | 3 +- charts/nextcloud/templates/nginx-config.yaml | 265 +++++++++---------- 3 files changed, 121 insertions(+), 149 deletions(-) diff --git a/charts/nextcloud/Chart.yaml b/charts/nextcloud/Chart.yaml index 26b03113..18a63900 100644 --- a/charts/nextcloud/Chart.yaml +++ b/charts/nextcloud/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: nextcloud -version: 4.5.2 +version: 4.5.3 appVersion: 27.1.3 description: A file sharing server that puts the control and security of your own data back into your hands. keywords: diff --git a/charts/nextcloud/templates/deployment.yaml b/charts/nextcloud/templates/deployment.yaml index af7704a7..d1c57679 100644 --- a/charts/nextcloud/templates/deployment.yaml +++ b/charts/nextcloud/templates/deployment.yaml @@ -228,8 +228,7 @@ spec: mountPath: /var/www/html/themes subPath: {{ ternary "themes" (printf "%s/themes" .Values.nextcloud.persistence.subPath) (empty .Values.nextcloud.persistence.subPath) }} - name: nextcloud-nginx-config - mountPath: /etc/nginx/nginx.conf - subPath: nginx.conf + mountPath: /etc/nginx/conf.d/ {{- with .Values.nextcloud.extraVolumeMounts }} {{- toYaml . | nindent 12 }} {{- end }} diff --git a/charts/nextcloud/templates/nginx-config.yaml b/charts/nextcloud/templates/nginx-config.yaml index 973aadeb..df5b64c5 100644 --- a/charts/nextcloud/templates/nginx-config.yaml +++ b/charts/nextcloud/templates/nginx-config.yaml @@ -1,163 +1,134 @@ -{{- define "nginx.conf" }} - worker_processes auto; - - error_log /var/log/nginx/error.log warn; - pid /tmp/nginx.pid; - - - events { - worker_connections 1024; +{{- define "default.conf" }} + upstream php-handler { + server 127.0.0.1:9000; } - - http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /var/log/nginx/access.log main; - - sendfile on; - #tcp_nopush on; - - keepalive_timeout 65; - - #gzip on; - - upstream php-handler { - server 127.0.0.1:9000; - } - - server { - listen {{ .Values.nginx.containerPort | default "80" }}; - - # HSTS settings - # WARNING: Only add the preload option once you read about - # the consequences in https://hstspreload.org/. This option - # will add the domain to a hardcoded list that is shipped - # in all major browsers and getting removed from this list - # could take several months. - #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always; - - # set max upload size - client_max_body_size 10G; - fastcgi_buffers 64 4K; - - # Enable gzip but do not remove ETag headers - gzip on; - gzip_vary on; - gzip_comp_level 4; - gzip_min_length 256; - gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; - gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; - - # Pagespeed is not supported by Nextcloud, so if your server is built - # with the `ngx_pagespeed` module, uncomment this line to disable it. - #pagespeed off; - - # HTTP response headers borrowed from Nextcloud `.htaccess` - add_header Referrer-Policy "no-referrer" always; - add_header X-Content-Type-Options "nosniff" always; - add_header X-Download-Options "noopen" always; - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-Permitted-Cross-Domain-Policies "none" always; - add_header X-Robots-Tag "noindex, nofollow" always; - add_header X-XSS-Protection "1; mode=block" always; - - # Remove X-Powered-By, which is an information leak - fastcgi_hide_header X-Powered-By; - - # Path to the root of your installation - root /var/www/html; - - # Specify how to handle directories -- specifying `/index.php$request_uri` - # here as the fallback means that Nginx always exhibits the desired behaviour - # when a client requests a path that corresponds to a directory that exists - # on the server. In particular, if that directory contains an index.php file, - # that file is correctly served; if it doesn't, then the request is passed to - # the front-end controller. This consistent behaviour means that we don't need - # to specify custom rules for certain paths (e.g. images and other assets, - # `/updater`, `/ocm-provider`, `/ocs-provider`), and thus - # `try_files $uri $uri/ /index.php$request_uri` - # always provides the desired behaviour. - index index.php index.html /index.php$request_uri; - - # Rule borrowed from `.htaccess` to handle Microsoft DAV clients - location = / { - if ( $http_user_agent ~ ^DavClnt ) { - return 302 /remote.php/webdav/$is_args$args; - } + server { + listen {{ .Values.nginx.containerPort | default "80" }}; + + # HSTS settings + # WARNING: Only add the preload option once you read about + # the consequences in https://hstspreload.org/. This option + # will add the domain to a hardcoded list that is shipped + # in all major browsers and getting removed from this list + # could take several months. + #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always; + + # set max upload size + client_max_body_size 10G; + fastcgi_buffers 64 4K; + + # Enable gzip but do not remove ETag headers + gzip on; + gzip_vary on; + gzip_comp_level 4; + gzip_min_length 256; + gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; + gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; + + # Pagespeed is not supported by Nextcloud, so if your server is built + # with the `ngx_pagespeed` module, uncomment this line to disable it. + #pagespeed off; + + # HTTP response headers borrowed from Nextcloud `.htaccess` + add_header Referrer-Policy "no-referrer" always; + add_header X-Content-Type-Options "nosniff" always; + add_header X-Download-Options "noopen" always; + add_header X-Frame-Options "SAMEORIGIN" always; + add_header X-Permitted-Cross-Domain-Policies "none" always; + add_header X-Robots-Tag "noindex, nofollow" always; + add_header X-XSS-Protection "1; mode=block" always; + + # Remove X-Powered-By, which is an information leak + fastcgi_hide_header X-Powered-By; + + # Path to the root of your installation + root /var/www/html; + + # Specify how to handle directories -- specifying `/index.php$request_uri` + # here as the fallback means that Nginx always exhibits the desired behaviour + # when a client requests a path that corresponds to a directory that exists + # on the server. In particular, if that directory contains an index.php file, + # that file is correctly served; if it doesn't, then the request is passed to + # the front-end controller. This consistent behaviour means that we don't need + # to specify custom rules for certain paths (e.g. images and other assets, + # `/updater`, `/ocm-provider`, `/ocs-provider`), and thus + # `try_files $uri $uri/ /index.php$request_uri` + # always provides the desired behaviour. + index index.php index.html /index.php$request_uri; + + # Rule borrowed from `.htaccess` to handle Microsoft DAV clients + location = / { + if ( $http_user_agent ~ ^DavClnt ) { + return 302 /remote.php/webdav/$is_args$args; } + } - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - # Make a regex exception for `/.well-known` so that clients can still - # access it despite the existence of the regex rule - # `location ~ /(\.|autotest|...)` which would otherwise handle requests - # for `/.well-known`. - location ^~ /.well-known { - # The following 6 rules are borrowed from `.htaccess` + # Make a regex exception for `/.well-known` so that clients can still + # access it despite the existence of the regex rule + # `location ~ /(\.|autotest|...)` which would otherwise handle requests + # for `/.well-known`. + location ^~ /.well-known { + # The following 6 rules are borrowed from `.htaccess` - location = /.well-known/carddav { return 301 /remote.php/dav/; } - location = /.well-known/caldav { return 301 /remote.php/dav/; } - # Anything else is dynamically handled by Nextcloud - location ^~ /.well-known { return 301 /index.php$uri; } + location = /.well-known/carddav { return 301 /remote.php/dav/; } + location = /.well-known/caldav { return 301 /remote.php/dav/; } + # Anything else is dynamically handled by Nextcloud + location ^~ /.well-known { return 301 /index.php$uri; } - try_files $uri $uri/ =404; - } + try_files $uri $uri/ =404; + } - # Rules borrowed from `.htaccess` to hide certain paths from clients - location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; } - location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; } + # Rules borrowed from `.htaccess` to hide certain paths from clients + location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; } + location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; } - # Ensure this block, which passes PHP files to the PHP process, is above the blocks - # which handle static assets (as seen below). If this block is not declared first, - # then Nginx will encounter an infinite rewriting loop when it prepends `/index.php` - # to the URI, resulting in a HTTP 500 error response. - location ~ \.php(?:$|/) { - # Required for legacy support - rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri; + # Ensure this block, which passes PHP files to the PHP process, is above the blocks + # which handle static assets (as seen below). If this block is not declared first, + # then Nginx will encounter an infinite rewriting loop when it prepends `/index.php` + # to the URI, resulting in a HTTP 500 error response. + location ~ \.php(?:$|/) { + # Required for legacy support + rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri; - fastcgi_split_path_info ^(.+?\.php)(/.*)$; - set $path_info $fastcgi_path_info; + fastcgi_split_path_info ^(.+?\.php)(/.*)$; + set $path_info $fastcgi_path_info; - try_files $fastcgi_script_name =404; + try_files $fastcgi_script_name =404; - include fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param PATH_INFO $path_info; - #fastcgi_param HTTPS on; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $path_info; + #fastcgi_param HTTPS on; - fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice - fastcgi_param front_controller_active true; # Enable pretty urls - fastcgi_pass php-handler; + fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice + fastcgi_param front_controller_active true; # Enable pretty urls + fastcgi_pass php-handler; - fastcgi_intercept_errors on; - fastcgi_request_buffering off; - } + fastcgi_intercept_errors on; + fastcgi_request_buffering off; + } - location ~ \.(?:css|js|svg|gif)$ { - try_files $uri /index.php$request_uri; - expires 6M; # Cache-Control policy borrowed from `.htaccess` - access_log off; # Optional: Don't log access to assets - } + location ~ \.(?:css|js|svg|gif)$ { + try_files $uri /index.php$request_uri; + expires 6M; # Cache-Control policy borrowed from `.htaccess` + access_log off; # Optional: Don't log access to assets + } - location ~ \.woff2?$ { - try_files $uri /index.php$request_uri; - expires 7d; # Cache-Control policy borrowed from `.htaccess` - access_log off; # Optional: Don't log access to assets - } + location ~ \.woff2?$ { + try_files $uri /index.php$request_uri; + expires 7d; # Cache-Control policy borrowed from `.htaccess` + access_log off; # Optional: Don't log access to assets + } - location / { - try_files $uri $uri/ /index.php$request_uri; - } + location / { + try_files $uri $uri/ /index.php$request_uri; } } {{- end }} @@ -173,10 +144,12 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} data: - nginx.conf: |- {{- if .Values.nginx.config.default }} - {{- template "nginx.conf" $ }} -{{- else }} + default.conf: |- + {{- template "default.conf" $ }} +{{- end }} +{{- if .Values.nginx.config.custom }} + zz-custom.conf: |- {{ .Values.nginx.config.custom | indent 4 }} {{- end }} {{- end }} From 82b8a479ed90fa6a94f30f832916305679e219f0 Mon Sep 17 00:00:00 2001 From: Tero Paloheimo Date: Wed, 29 Nov 2023 19:30:49 +0200 Subject: [PATCH 6/8] Update to 27.1.4 Signed-off-by: Tero Paloheimo --- charts/nextcloud/Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/nextcloud/Chart.yaml b/charts/nextcloud/Chart.yaml index 18a63900..212620b8 100644 --- a/charts/nextcloud/Chart.yaml +++ b/charts/nextcloud/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: nextcloud -version: 4.5.3 -appVersion: 27.1.3 +version: 4.5.4 +appVersion: 27.1.4 description: A file sharing server that puts the control and security of your own data back into your hands. keywords: - nextcloud From a793da0a5e359560591e373481e2b4581a1c36ab Mon Sep 17 00:00:00 2001 From: jld3103 Date: Sat, 2 Dec 2023 11:43:21 +0100 Subject: [PATCH 7/8] feat(docs): Document service discovery with nginx and ingress Signed-off-by: jld3103 --- charts/nextcloud/Chart.yaml | 2 +- charts/nextcloud/README.md | 34 ++++++++++++++++++++++++++++++++++ charts/nextcloud/values.yaml | 1 + 3 files changed, 36 insertions(+), 1 deletion(-) diff --git a/charts/nextcloud/Chart.yaml b/charts/nextcloud/Chart.yaml index 212620b8..9a8bf00f 100644 --- a/charts/nextcloud/Chart.yaml +++ b/charts/nextcloud/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: nextcloud -version: 4.5.4 +version: 4.5.5 appVersion: 27.1.4 description: A file sharing server that puts the control and security of your own data back into your hands. keywords: diff --git a/charts/nextcloud/README.md b/charts/nextcloud/README.md index 5cfc1009..fe9dbdf3 100644 --- a/charts/nextcloud/README.md +++ b/charts/nextcloud/README.md @@ -384,6 +384,40 @@ nginx enabled: true ``` +### Service discovery with nginx and ingress + +For service discovery (CalDAV, CardDAV, webfinger, nodeinfo) to work you need to add redirects to your ingress. +If you use the [ingress-nginx](https://github.com/kubernetes/ingress-nginx) you can use the following server snippet annotation: + + +```yaml +ingress: + annotations: + nginx.ingress.kubernetes.io/server-snippet: |- + server_tokens off; + proxy_hide_header X-Powered-By; + rewrite ^/.well-known/webfinger /index.php/.well-known/webfinger last; + rewrite ^/.well-known/nodeinfo /index.php/.well-known/nodeinfo last; + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json; + location = /.well-known/carddav { + return 301 $scheme://$host/remote.php/dav; + } + location = /.well-known/caldav { + return 301 $scheme://$host/remote.php/dav; + } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ { + deny all; + } + location ~ ^/(?:autotest|occ|issue|indie|db_|console) { + deny all; + } +``` ## Preserving Source IP - Make sure your loadbalancer preserves source IP, for bare metal, `metalb` does and `klipper-lb` doesn't. diff --git a/charts/nextcloud/values.yaml b/charts/nextcloud/values.yaml index 12828542..e231a16e 100644 --- a/charts/nextcloud/values.yaml +++ b/charts/nextcloud/values.yaml @@ -27,6 +27,7 @@ ingress: # nginx.ingress.kubernetes.io/proxy-body-size: 4G # kubernetes.io/tls-acme: "true" # cert-manager.io/cluster-issuer: letsencrypt-prod + # # Keep this in sync with the README.md: # nginx.ingress.kubernetes.io/server-snippet: |- # server_tokens off; # proxy_hide_header X-Powered-By; From f46483bc37b523e83bdfb8c03c39b1a4ce241bf7 Mon Sep 17 00:00:00 2001 From: Victor S <35772566+schmittvictor@users.noreply.github.com> Date: Fri, 15 Dec 2023 08:38:57 +0100 Subject: [PATCH 8/8] Fix postgresql-isready image (#471) * Fix postgresql-isready image Signed-off-by: Victor S <35772566+schmittvictor@users.noreply.github.com> * Fix postgresql-isready image Signed-off-by: Victor S <35772566+schmittvictor@users.noreply.github.com> * Fix postgresql-isready image Signed-off-by: Victor S <35772566+schmittvictor@users.noreply.github.com> --------- Signed-off-by: Victor S <35772566+schmittvictor@users.noreply.github.com> --- charts/nextcloud/Chart.yaml | 2 +- charts/nextcloud/README.md | 71 +++++++++++----------- charts/nextcloud/templates/deployment.yaml | 2 +- 3 files changed, 39 insertions(+), 36 deletions(-) diff --git a/charts/nextcloud/Chart.yaml b/charts/nextcloud/Chart.yaml index 9a8bf00f..756f4a0f 100644 --- a/charts/nextcloud/Chart.yaml +++ b/charts/nextcloud/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: nextcloud -version: 4.5.5 +version: 4.5.6 appVersion: 27.1.4 description: A file sharing server that puts the control and security of your own data back into your hands. keywords: diff --git a/charts/nextcloud/README.md b/charts/nextcloud/README.md index fe9dbdf3..a530c20f 100644 --- a/charts/nextcloud/README.md +++ b/charts/nextcloud/README.md @@ -209,40 +209,43 @@ For convenience, we packages the following Bitnami charts for databases (feel fr If you choose to use one of the prepackaged Bitnami helm charts, you must configure both the `externalDatabase` parameters, and the parameters for the chart you choose. For instance, if you choose to use the Bitnami PostgreSQL chart that we've prepackaged, you need to also configure all the parameters for `postgresql`. You do not need to use the Bitnami helm charts. If you want to use an already configured database that you have externally, just set `internalDatabase.enabled` to `false`, and configure the `externalDatabase` parameters below. -| Parameter | Description | Default | -|----------------------------------------------------------------------|----------------------------------------------------------------------------------------|-----------------| -| `internalDatabase.enabled` | Whether to use internal sqlite database | `true` | -| `internalDatabase.database` | Name of the existing database | `nextcloud` | -| `externalDatabase.enabled` | Whether to use external database | `false` | -| `externalDatabase.type` | External database type: `mysql`, `postgresql` | `mysql` | -| `externalDatabase.host` | Host of the external database in form of `host:port` | `nil` | -| `externalDatabase.database` | Name of the existing database | `nextcloud` | -| `externalDatabase.user` | Existing username in the external db | `nextcloud` | -| `externalDatabase.password` | Password for the above username | `nil` | -| `externalDatabase.existingSecret.enabled` | Whether to use a existing secret or not | `false` | -| `externalDatabase.existingSecret.secretName` | Name of the existing secret | `nil` | -| `externalDatabase.existingSecret.usernameKey` | Name of the key that contains the username | `nil` | -| `externalDatabase.existingSecret.passwordKey` | Name of the key that contains the password | `nil` | -| `externalDatabase.existingSecret.hostKey` | Name of the key that contains the database hostname or IP address | `nil` | -| `externalDatabase.existingSecret.databaseKey` | Name of the key that contains the database name | `nil` | -| `mariadb.enabled` | Whether to use the MariaDB chart | `false` | -| `mariadb.auth.database` | Database name to create | `nextcloud` | -| `mariadb.auth.username` | Database user to create | `nextcloud` | -| `mariadb.auth.password` | Password for the database | `changeme` | -| `mariadb.auth.rootPassword` | MariaDB admin password | `nil` | -| `mariadb.auth.existingSecret` | Use existing secret for MariaDB password details; see values.yaml for more detail | `''` | -| `mariadb.primary.persistence.enabled` | Whether or not to Use a PVC on MariaDB primary | `false` | -| `mariadb.primary.persistence.existingClaim` | Use an existing PVC for MariaDB primary | `nil` | -| `postgresql.enabled` | Whether to use the PostgreSQL chart | `false` | -| `postgresql.global.postgresql.auth.database` | Database name to create | `nextcloud` | -| `postgresql.global.postgresql.auth.username` | Database user to create | `nextcloud` | -| `postgresql.global.postgresql.auth.password` | Password for the database | `changeme` | -| `postgresql.global.postgresql.auth.existingSecret` | Name of existing secret to use for PostgreSQL credentials | `''` | -| `postgresql.global.postgresql.auth.secretKeys.adminPasswordKey` | Name of key in existing secret to use for PostgreSQL admin password | `''` | -| `postgresql.global.postgresql.auth.secretKeys.userPasswordKey` | Name of key in existing secret to use for PostgreSQL user password | `''` | -| `postgresql.global.postgresql.auth.secretKeys.replicationPasswordKey`| Name of key in existing secret to use for PostgreSQL replication password | `''` | -| `postgresql.primary.persistence.enabled` | Whether or not to use PVC on PostgreSQL primary | `false` | -| `postgresql.primary.persistence.existingClaim` | Use an existing PVC for PostgreSQL primary | `nil` | +| Parameter | Description | Default | +|----------------------------------------------------------------------|----------------------------------------------------------------------------------------|-----------------------| +| `internalDatabase.enabled` | Whether to use internal sqlite database | `true` | +| `internalDatabase.database` | Name of the existing database | `nextcloud` | +| `externalDatabase.enabled` | Whether to use external database | `false` | +| `externalDatabase.type` | External database type: `mysql`, `postgresql` | `mysql` | +| `externalDatabase.host` | Host of the external database in form of `host:port` | `nil` | +| `externalDatabase.database` | Name of the existing database | `nextcloud` | +| `externalDatabase.user` | Existing username in the external db | `nextcloud` | +| `externalDatabase.password` | Password for the above username | `nil` | +| `externalDatabase.existingSecret.enabled` | Whether to use a existing secret or not | `false` | +| `externalDatabase.existingSecret.secretName` | Name of the existing secret | `nil` | +| `externalDatabase.existingSecret.usernameKey` | Name of the key that contains the username | `nil` | +| `externalDatabase.existingSecret.passwordKey` | Name of the key that contains the password | `nil` | +| `externalDatabase.existingSecret.hostKey` | Name of the key that contains the database hostname or IP address | `nil` | +| `externalDatabase.existingSecret.databaseKey` | Name of the key that contains the database name | `nil` | +| `mariadb.enabled` | Whether to use the MariaDB chart | `false` | +| `mariadb.auth.database` | Database name to create | `nextcloud` | +| `mariadb.auth.username` | Database user to create | `nextcloud` | +| `mariadb.auth.password` | Password for the database | `changeme` | +| `mariadb.auth.rootPassword` | MariaDB admin password | `nil` | +| `mariadb.auth.existingSecret` | Use existing secret for MariaDB password details; see values.yaml for more detail | `''` | +| `mariadb.primary.persistence.enabled` | Whether or not to Use a PVC on MariaDB primary | `false` | +| `mariadb.primary.persistence.existingClaim` | Use an existing PVC for MariaDB primary | `nil` | +| `postgresql.enabled` | Whether to use the PostgreSQL chart | `false` | +| `postgresql.image.registry` | PostgreSQL image registry | `docker.io` | +| `postgresql.image.repository` | PostgreSQL image repository | `bitnami/postgresql` | +| `postgresql.image.tag` | PostgreSQL image tag | `15.4.0-debian-11-r10`| +| `postgresql.global.postgresql.auth.database` | Database name to create | `nextcloud` | +| `postgresql.global.postgresql.auth.username` | Database user to create | `nextcloud` | +| `postgresql.global.postgresql.auth.password` | Password for the database | `changeme` | +| `postgresql.global.postgresql.auth.existingSecret` | Name of existing secret to use for PostgreSQL credentials | `''` | +| `postgresql.global.postgresql.auth.secretKeys.adminPasswordKey` | Name of key in existing secret to use for PostgreSQL admin password | `''` | +| `postgresql.global.postgresql.auth.secretKeys.userPasswordKey` | Name of key in existing secret to use for PostgreSQL user password | `''` | +| `postgresql.global.postgresql.auth.secretKeys.replicationPasswordKey`| Name of key in existing secret to use for PostgreSQL replication password | `''` | +| `postgresql.primary.persistence.enabled` | Whether or not to use PVC on PostgreSQL primary | `false` | +| `postgresql.primary.persistence.existingClaim` | Use an existing PVC for PostgreSQL primary | `nil` | Is there a missing parameter for one of the Bitnami helm charts listed above? Please feel free to submit a PR to add that parameter in our values.yaml, but be sure to also update this README file :) diff --git a/charts/nextcloud/templates/deployment.yaml b/charts/nextcloud/templates/deployment.yaml index d1c57679..c06616e1 100644 --- a/charts/nextcloud/templates/deployment.yaml +++ b/charts/nextcloud/templates/deployment.yaml @@ -297,7 +297,7 @@ spec: - {{ printf "until mysql --host=%s-mariadb --user=${MYSQL_USER} --password=${MYSQL_PASSWORD} --execute=\"SELECT 1;\"; do echo waiting for mysql; sleep 2; done;" .Release.Name }} {{- else if .Values.postgresql.enabled }} - name: postgresql-isready - image: {{ .Values.postgresql.image.repository }}:{{ .Values.postgresql.image.tag }} + image: {{ .Values.postgresql.image.registry | default "docker.io" }}/{{ .Values.postgresql.image.repository }}:{{ .Values.postgresql.image.tag }} env: - name: POSTGRES_USER valueFrom: